CWE-612
Improper Authorization of Index Containing Sensitive Information
The product creates a search index of private or sensitive documents, but it does not properly limit index access to actors who are authorized to see the original information.
Official CWE-612 definition at MITREImpactr finds and proves weaknesses like CWE-612 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist